Expert Advice Community

ISO 27k project sponsor

Guest user. Created: Oct 03, 2017. Last commented: Oct 03, 2017

We are implementing ISO27K by the end of 2017. However, my question is, though the standard does not clearly indicate it: who should an internal ISO lead implementer and official report to in managing an ISO27K-related project in an environment where an information security manager exists?
Expert
Rhand Leal Oct 03, 2017

Answer: Generally, a project manager has to report to the project sponsor, the person who has the most interest in the project's success and the authority to make things happen if the project is not going well. In some cases this person is the CEO or a member of top management, but since you stated that an information security manager is already designated, you should verify in the project plan documentation who the project sponsor is.

This material will also help you regarding ISO 27001 project implementation:
- Preparations for the ISO Implementation Project: A Plain English Guide https://advisera.com/books/preparations-for-the-iso-implementation-project-a-plain-english-guide/
